Home > Backend Development > PHP Tutorial > PHP anti-sql injection filtering code

PHP anti-sql injection filtering code

高洛峰
Release: 2016-11-29 15:10:48
Original
2008 people have browsed it

We provide three functions to filter out some special characters. They mainly use PHP to filter out SQL sensitive strings. Now let’s take a look at this code. Friends in need can take a look and give an example. The code is as follows:

function phpsql_show($str){

$str = stripslashes($str);

$str = str_replace("\", "", $str);

$str = str_replace ("/", "/", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace("," , ",", $str);

return $str;

}

function phpsql_post($str){

$str = stripslashes($str);

$str = str_replace("|", " |", $str);

$str = str_replace("<", "<", $str);

$str = str_replace(">", "> ", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace("(", "(", $str);

$str = str_replace(")", ")", $str);

$str = str_replace ("`", "`", $str);

//$str = str_replace("'", "'", $str);

$str = str_replace('"' , """, $str);

$str = str_replace(",", ",", $str);

$str = str_replace("$", "$ ", $str);

$str = str_replace("", "\", $str);

$str = str_replace("/", "/", $str);

return $str;

}//Open source code phpfensi.com

function phpsql_replace($str){

$str = stripslashes($str);

$str = str_replace("'", "' ;", $str);

return $str;

}


Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template